This report provides test results and reviews of security products for smartphones running Google’s Android operating system.

This Andrdoid Mobile Security Review and Test performed by AV-Comparatives provides test results and reviews of security products for smartphones running Google’s Android operating system. Amongst other things, this report aims to help readers decide whether they would benefit from the more comprehensive and sophisticated security features provided by a third-party security app.

Please finde the report here:
https://www.av-comparatives.org/tests/mobile-security-review-2018/#avc-undroid-analyzer


Besides the reviews, which cover the user experience of the apps, the results of comprehensive tests on malware protection rates and battery consumption are provided as well. Additionally, a short table at the end of each product report gives an overview of any anti-theft functions included in that product. Many of the reviewed and tested apps have components which are not security-related, such as power and memory optimizers and data backup tools.

The review mainly focuses on the security features – anti-malware, anti-theft, and privacy – and only mentions further functionalities briefly. The structure of each product report is identical, allowing readers to compare products easily.

The main purpose of a mobile security product is to protect users and their devices from potential harm inflicted by malicious apps, fraudulent mails, or phishing URLs. Readers should note that recent Android versions incorporate some basic anti-malware features. For example, Google’s built-in malware scanner Play Protect checks apps during installation from the Google Play store or a third-party source and scans the device continuously for any threats. Google’s Safe Browsing API protects against malware and phishing links when the user is surfing the Internet using the Chrome browser.

Furthermore, an anti-theft component in a security app could be used to find a lost or stolen phone, and/or prevent access to any personal data stored on the device. Basic anti-theft features (lock, locate, alarm, and wipe) are already provided by recent versions of Android via Google’s Find My Device function.

On the following pages, we provide a brief overview of the risks facing smartphone users from malware and the loss or theft of their device, and discuss the benefits of security apps. We start by recapping Android Oreo’s new features and security behaviour changes. Furthermore, we will argue why it is not advisable to rely only on built-in malware protection features (all latest and newer Android devices are already equipped with such functions), but instead install a third-party anti-virus app to be better protected against security threats. After that, we give a short summary of security features and their main sub-components commonly implemented in typical security apps for Android.

At the end of the introduction, we list the participating security products, and present the results of the malware and battery drain tests. Detailed reviews of the individual products follow, in which we will shed light on the layout and usage of the features. In the table representing a product’s anti-theft features, we comment on each function briefly and use the following symbols to indicate how well it worked in our tests.

Google Play Protect

In May 2017, Google announced its new built-in malware protection for Android, Play Protect, which checks apps and APK files when they are downloaded using the Google Play store app or third-party sources. Since August 2017, it has been available on all Android devices with Google Play Services 11 or later, and is preinstalled on devices with Android 8.0 and later. Play Protect constantly monitors the device and all the user’s data, and notifies the user of any security risks found. It also scans the Google Play store and all installed apps for any signs of malware, and includes the three functions malware scanner, device loss (Find My Device), and safe browsing.

One might think that third-party anti-virus apps are no longer necessary for Android devices, due to Google’s built-in malware and protection features. This might be true for Android devices with Play Protect integrated into the preinstalled Google Play store app. However, some Android devices (e.g., Amazon’s Fire line) do not benefit from the built-in malware protection of Play Protect as they do not run Google apps by default.

Please finde the report here:
https://www.av-comparatives.org/tests/mobile-security-review-2018/#avc-undroid-analyzer

Free Security Service Available:

At this point, we would like to recommend AVC UnDroid, our Android app analysis tool, which is available free to all users. It is a static analysis system for detecting suspected Android malware and adware and providing statistics about it. Users can upload APK files and see the results in various analysis mechanisms.

We invite readers to try it out:

AV-Comparatives released the results of the anti-phishing certification test. This qualification test is the most comprehensive anti-phishing test available.

AV-Comparatives publishes test results of security companies passing the 2018 phishing challenge

The independent security software tester AV-Comparatives released the 2018 results of the yearly anti-phishing certification test. This yearly qualification test is the most comprehensive and challenging anti-phishing test available.

Relevance of specialized Anti-Phishing protection

Phishing is an attempt to obtain sensitive personal or financial information such as usernames, passwords, credit card and banking details for malicious and fraudulent purpose by posing as a reputable entity or person. Phishing attempts typically contain a message (the bait) in a trustworthy look and feel containing a link (the hook) to a malicious website.

Three security vendors pass the 2018 challenge – Avast, Fortinet, Kaspersky

Security products passing the challenge have proven to successfully block at least 90% of malicious URL’s. These URL’s were fresh and active phishing campaigns, which we collected, verified and analyzed through our real-world malware testing environment. The freshness of our test set is what makes our phishing protection test so challenging and unique.

The follwing vendors reached the certification:

Avast
Fortinet
Kaspersky

Read the full report here!

Read the full test methodolgy here!

AV-Comparatives released results of their 2018 enterprise IT-security test. It is the most complete Business security comparative test in the IT security industry.

Business Security Test 2018 (March – June)


AV-Comparatives publishes 2018 enterprise IT-security test with usability reviews to assess endpoint effectiveness under real-world conditions

18 July 2018, Innsbruck, Austria – The independent security software tester AV-Comparatives released the half year results of their Business Main-Test Series. It is the most complete Enterprise IT security comparative test in the endpoint security industry.

The real-world effectiveness of an endpoint protection IT security solution is not solely based on the results of Av-Comparatives’ award-winning test framework, but also includes a review on the ease of use of these market leaders brand business security solutions. This multi aspect assessment makes AV-Comparatives Business Main-Test Series the most comprehensive endpoint security report for small to large business organizations.

Download the complete 72-page PDF report for free
https://www.av-comparatives.org/wp-content/uploads/2018/07/avc_biz_2018_07_en.pdf

________________________________________

Most comprehensive Business IT-Security Test

We are pleased to announce the publication of the half-year report of our Business Main-Test Series. This business test assesses endpoint protection on multiple aspects. AV security software is available for all sizes and types of business. Effectiveness of endpoint security should also be evaluated in the context of the organization it is applied in. What fits well at the smaller end of the SME (small to medium enterprise) market is probably not going to be quite so appropriate to larger corporations.

To provide practical and useful information to security specialists, IT-managers and business owners, AV-Comparatives assesses business security products on multiple aspects:

Real-World Protection
This test mimics the dangers an end-user encounters in every day conditions. This award winning dynamic test allows to fully test all protection mechanisms of an AV-solution during all stages of a malware intrusion scenario. This test includes a false positives test on (wrongly blocked) domains as well as (wrongly blocked) downloaded files.

Malware Protection
AV-products are assessed on their ability to protect a system against infection by malicious files before, during or after execution. This test includes a false positives test on common business software. The effectiveness of endpoint protection is critically influenced by both malware infections and false positives, because both disrupt business operations.

Performance Impact
False positives and performance impact are two important factors determining end user acceptance of security products. When users are not hindered they have no incentives to evade company security policies, making these aspects an indirect success factor.

Product Reviews
The individual reviews provide insights in the ease of use and central management. Ease of use includes installation & deployment, daily use and remediation & outbreak containment. With the increasing importance of BYO (bring your own) the ease of which various sorts of endpoint devices can be protected is an important consideration for most organizations.



AV-Comparatives Approved Business Product Award

As in previous years, we are giving our “Approved Business Product” award to qualifying products. As we are now conducting two tests of business products per year, separate awards will be given to qualifying products in July (for March-June tests), and December (for August-November tests) for July, and one for December.

We congratulate the 16 vendors who are participating in the Business Main-Test Series for having their business endpoint protection products publicly tested by an independent lab, showing their commitment to improving their products, being transparent to their customers and having confidence in their product quality. Read our report to see which products were awarded.

Read More

_____________________________________________

About AV-Comparatives


AV-Comparatives is an independent organization offering systematic testing to check whether security software, such as PC/Mac-based antivirus products and mobile security solutions, lives up to its promises. Using one of the largest sample collections worldwide, it creates a real-world environment for truly accurate testing. AV-Comparatives offers freely accessible results to individuals, news organizations and scientific institutions. Certification by AV-Comparatives provides an official seal of approval for software performance, which is globally recognized.

The results can be used by editors / media / bloggers etc. for free. Please give as source https://www.av-comparatives.org

18 Internet Security Suites for Windows tested in a Real-World Environment in a long term test – more testcases than ever!!

18 Internet Security Suites for Windows tested in a Real-World Environment.

Currently, AV-Comparatives‘ Whole-Product Dynamic Real-World Protection Test is the most comprehensive and complex test available when it comes to evaluating the real-life protection capabilities of antivirus software. Simply put, the test framework replicates the scenario of an everyday user in an everyday online environment – the typical situation that most of us experience when using a computer with an Internet connection. It creates a realistic setting where the antivirus products must show their ability to thoroughly protect the user’s computer when surfing the web.

Find the detailed results on the AV-Comparatives’ website!

In this test, all protection features of the product can be used to prevent infection – not just signatures or heuristic file scanning. A suite can step in at any stage of the process – accessing the URL, downloading the file, formation of the file on the local hard drive, file access and file execution – to protect the PC. This means that the test achieves the most realistic way of determining how well the security product protects the PC. Because all of a suite’s components can be used to protect the PC, it is possible for a product to score well in the test by having e.g. very good behavioural protection, but a weak URL blocker. However, we would recommend that all parts of a product should be as effective as possible. It should be borne in mind that not all malware enters computer systems via the Internet, and that e.g. a URL blocker is ineffective against malware introduced to a PC via a USB flash drive or over the local area network.

In spite of these technologies, it remains very important that also conventional and non-cloud features such as the signature-based and heuristic detection abilities of antivirus programs continue to be tested. Even with all the protection features available, the growing frequency of zero-day attacks means that some computers will inevitably become infected. As signatures can be updated, they provide the opportunity to recognize and remove malware which was initially missed by the security software. Other protection technologies often offer no means of checking existing data stores for already-infected files, which can be found on the file servers of many companies. Those security layers should be understood as an addition to good detection rates, not as a replacement.

The Whole-Product Dynamic “Real-World” Protection test is a joint project of AV-Comparatives and the University of Innsbruck’s Faculty of Computer Science and Quality Engineering. It is partially funded by the Republic of Austria.

The methodology of our Real-World Protection Test has received the following awards and certifications, including:

Constantinus Award – given by the Austrian government
Cluster Award – given by the Standortagentur Tirol – Tyrolean government
eAward – given by report.at (Magazine for Computer Science) and the Office of the Federal Chancellor
Innovationspreis IT – “Best Of”– given by Initiative Mittelstand Germany
_______________________________________________________________________________

About AV-Comparatives

AV-Comparatives is an independent organisation offering systematic testing to check whether security software, such as PC/Mac-based antivirus products and mobile security solutions, lives up to its promises. Using one of the largest sample collections worldwide, it creates a real-world environment for truly accurate testing. AV-Comparatives offers freely accessible results to individuals, news organizations and scientific institutions. Certification by AV-Comparatives provides an official seal of approval for software performance, which is globally recognized.

The results can be used by editors / media / bloggers etc. for free. Please give as source https://www.av-comparatives.org

This month’s AV-Comapratives’ blog is about Mark Zuckerberg’s promise, GDPR, Facebook’s new data leak and politicians putting their money where their mouth is.

No, AV-Comparatives is not going to talk about the classic Motown song out of the sixties performed by the Four Tops. This month’s blog is about Mark Zuckerberg’s promise, GDPR, Facebook’s new data leak and politicians putting their money where their mouth is. The question is, will that money be put on privacy or security?


The same old song

Only three months ago, the NY Times, Guardian and Observer reported a massive data breach by Cambridge Analytica involving millions of Facebook users. When the press and politicians dived into this scandal it turned out that sensitive privacy data of 87 million Facebook users was misused.

After the incident picked up media attention, Mark Zuckerberg, the CEO of Facebook apologized to press and US and EU politicians and promised to take measures to prevent this from ever happening again. After the meetings Facebook announced to improve its security and privacy settings.

With a different meaning?

Well we at AV-Comparatives are sad to say not really. On the 27th of June 2018 the Norwegian Consumer Council Forbrukerradet published a report ‘deceived by design’ in which tech companies like Google and Facebook are accused of applying misleading ‘dark patterns’. These ‘dark patterns’ trick users in choosing less secure and private settings in favour of user tracking and advertising.

When these ‘dark patterns’ have the claimed effect on user privacy, these documented practices should trigger the attention of GDPR policy keepers. The goal of the GDPR is to protect the privacy of EU-citizens.

Mark Zuckerberg faced EU-parliament three days before the GDPR became effective. This explains why he only faced the (toothless) EU for 90 minutes while spending two full days to explain himself to the US-senate.

To make things worse, on the 28th this month Facebook came under fire again, because ‘Name Test’, a popular Facebook Quiz app, had exposed privacy sensitive data of 120 million Facebook users.

Put your money on privacy or security?

The ‘deceive by design’ report and the recent Facebook data breach seemingly make a strong case for a further investigation on Facebook’s GDPR’s compliance. Not complying with GDPR-standards can lead to fines up to 20 million euro or four percent of the world-wide turnover of a company (whatever is more). Facebook’s revenue surpassed 40 billion dollars in 2017.

Why is nobody mentioning the GDPR in relation to recent Facebook data breaches? Such a law case would make a great show case for privacy. Image what EU-projects and policies could be affected with a 1.6-billion-dollar budget (four percent of Facebook’s annual turnover).

To answer our own question, both press and politics have shifted their attention to other issues. The press seems to focus on US and EU immigration issues and politicians seem to be preparing the US and the EU on a future cyber war.

____________

About AV-Comparatives
AV-Comparatives is an independent organization offering systematic testing that checks whether security software, such as PC/Mac-based antivirus products and mobile security solutions, lives up to its promises. Using one of the largest sample collections worldwide, it creates a real-world environment for truly accurate testing. AV-Comparatives offers freely accessible results to individuals, news organizations and scientific institutions. Certification by AV-Comparatives provides an official seal of approval for software performance which is globally recognized.

The story of AV-Comparatives began the way it does with so many computer users, namely with a virus infection. In 1993, Andreas Clementi was hit by a computer virus: the “November 17 virus – NOV_17.855”. This awakened his interest. Andreas was not satisfied with the sometimes very contradictory tests of antivirus programs in computer magazines, and so began the intensive investigation of malware and antivirus software, which continues to this day. In 1999, he founded AV-Comparatives as a student project at the University of Innsbruck. This was done purely out of technical interest, to see how good the products of different manufacturers actually are. The response was enormous, as the manufacturers of antivirus software became aware of the duo in Innsbruck and wanted to take part in the tests.